{"uuid": "cdfce982-bd7b-491c-a605-a6ce059b7de9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17924", "type": "seen", "source": "https://t.me/arpsyndicate/765", "content": "#ExploitObserverAlert\n\nCVE-2018-17924\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2018-17924. Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address.\n\nFIRST-EPSS: 0.000560000\nNVD-IS: 4.0\nNVD-ES: 3.9", "creation_timestamp": "2023-11-29T16:06:14.000000Z"}